22 matches found
CVE-2020-13112
Concisely: CVE-2020-13112 affects libexif prior to 0.6.22, caused by several buffer over-reads in EXIF MakerNote handling that could lead to information disclosure and crashes. Multiple connected advisories (ALAS2-2020-1523/1393, ALAS-2020-1443, CESA/CentOS/RH advisories, Debian LTS) corroborate ...
CVE-2020-12767
The CVE-2020-12767 issue affects libexif version 0.6.21, where exif_entry_get_value in exif-entry.c has a divide-by-zero condition. Multiple connected notices confirm this specific vulnerability in libexif 0.6.21 and reference fix/mitigation in subsequent releases (notably libexif 0.6.22). Practi...
CVE-2020-0093
CVE-2020-0093 is a libexif vulnerability affecting Android 8.x–10, where a missing bounds check in exif_data_save_data_entry can cause an out-of-bounds read, leading to local information disclosure. The issue arises from an insufficient bounds check in exif-data.c; exploit requires user interacti...
CVE-2020-13113
The CVE-2020-13113 issue affects libexif up to version 0.6.22. The root cause is use of uninitialized memory in EXIF Makernote handling, which could cause crashes and potential use-after-free conditions. The connected advisories confirm this as a vulnerability in libexif with impacts including cr...
CVE-2018-20030
The CVE affects libexif 0.6.21, where processing EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags could be exploited to exhaust CPU resources, causing a Denial of Service. Multiple connected advisories note this as a fixed issue in newer libexif packages and recommend upgrading to patched release...
CVE-2016-6328
CVE-2016-6328 affects the libexif library, where an integer overflow during parsing of the MNOTE entry data in input files can lead to Denial-of-Service and Information Disclosure (including sensitive heap data). Public remediation exists: Debian LTS fixed in libexif 0.6.21-2+deb8u2; Cloud Foundr...
CVE-2020-13114
CVE-2020-13114 affects libexif up to version 0.6.21, where an unrestricted size in handling Canon EXIF MakerNote data can cause excessive compute time during EXIF decoding (DoS). Affected component: libexif (exif-data.c/maker-note handling). Impact described across multiple advisories: potential ...
CVE-2017-7544
CVE-2017-7544 affects libexif up to version 0.6.21, with an out-of-bounds heap read in exif_data_save_data_entry (libexif/exif-data.c) caused by improper length computation of ExifMnote entry data. Consequences stated in the primary doc include possible denial-of-service and information disclosur...
CVE-2020-0198
The CVE-2020-0198 entry concerns the libexif library used on Android-10. The issue is in exif_data_load_data_content of exif-data.c, where an integer overflow can trigger a UBSAN abort, potentially enabling remote denial of service with no additional execution privileges. Exploitation requires us...
CVE-2012-2836
The CVE-2012-2836 issue affects the libexif library (exif_data_load_data in libexif) prior to version 0.6.21. It allows remote attackers to trigger a denial of service (out-of-bounds read) or potentially leak sensitive process memory through crafted EXIF tags in an image. Impact is tied to applic...
CVE-2012-2812
CVE-2012-2812 affects the EXIF Tag Parsing Library (libexif) prior to 0.6.21. The issue is a heap-based out-of-bounds read in exif_entry_get_value that can cause denial of service or leak memory content via crafted EXIF tags. Upstream fixes and distribution advisories fixed this in 0.6.21 (and re...
CVE-2020-0181
CVE-2020-0181 affects libexif: the DoS is due to an integer overflow in exif_data_load_data_thumbnail within exif-data.c. The Nessus/NVD data describe remote denial of service with network access and no user interaction. Multiple advisories (Unity Linux, MiracleLinux, SUSE, Red Hat) reference thi...
CVE-2012-2841
The CVE-2012-2841 issue is an integer underflow in libexif’s exif_entry_get_value function that can cause a heap overflow and potentially arbitrary code execution when formatting an EXIF tag. Affected versions include libexif 0.6.20 (and related 0.6.x) across multiple distributions. Public adviso...
CVE-2012-2813
CVE-2012-2813 affects the libexif library; the vulnerability is a heap-based out-of-bounds read in the exif_convert_utf16_to_utf8 function (exif-entry.c) when processing crafted EXIF tags. Successful exploitation could cause a denial of service or potentially disclose memory contents. Affected re...
CVE-2012-2814
CVE-2012-2814 is a buffer overflow in libexif 0.6.20 (exif_entry_format_value in exif-entry.c) that allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags. Connected advisories confirm this flaw across packages (libexif) and note that fixes w...
CVE-2012-2837
CVE-2012-2837 affects the EXIF Tag Parsing Library (libexif); the divide-by-zero occurs in mnote_olympus_entry_get_value when formatting EXIF maker note tags, via images with crafted EXIF data. Affected: libexif up to version 0.6.20 (pre-0.6.21). Impact: remote denial of service. Public advisorie...
CVE-2012-2840
CVE-2012-2840 : In libexif, an off-by-one error in the exif_convert_utf16_to_utf8 function (exif-entry.c) below version 0.6.21 can be triggered by crafted EXIF tags in an image, potentially causing a denial of service or remote code execution. Multiple public advisories confirm the flaw and coord...
CVE-2009-3895
CVE-2009-3895 affects libexif 0.6.18, specifically the heap-based buffer overflow in the exif_entry_fix function (the tag fixup routine) in libexif/exif-entry.c. An attacker could exploit an invalid EXIF image to trigger a denial of service or potentially execute arbitrary code. The vulnerability...
CVE-2007-6351
CVE-2007-6351 affects libexif up to version 0.6.16 and earlier via crafted Exif tags, causing an infinite recursion that can crash the application; CVE-2007-6352 is an accompanying integer-overflow issue in the same Exif parsing path that could crash or, in some contexts, allow code execution. Th...
CVE-2026-32775
CVE-2026-32775 affects libexif up to 0.6.25, in the MakerNotes decoding path. The flaw occurs in the function exif_mnote_data_get_value when a 0-sized input is passed, causing an integer underflow that overwrites the provided buffer. The CVSS 3.1 vector assigns a base score of 7.4 (HIGH) with LOC...
CVE-2026-40385
CVE-2026-40385 affects libexif up to 0.6.25, with an unsigned 32‑bit overflow in Nikon MakerNote handling on 32‑bit systems that can lead to crashes or information disclosure. Connected advisories confirm availability of fixes (e.g., Debian LTS advisory fixing to a newer libexif version; other ad...
CVE-2026-40386
CVE-2026-40386 affects libexif up to 0.6.25, with an integer underflow in size checking for Fuji and Olympus MakerNote decoding that can cause crashes and information leakage. A patched version is available (>= 0.6.24-3 per affected advisories); update to mitigate.